Security News > 2002 > September > Linux Security Week - September 16th 2002
+---------------------------------------------------------------------+ | LinuxSecurity.com Weekly Newsletter | | September 16th, 2002 Volume 3, Number 36n | | | | Editorial Team: Dave Wreski dave () linuxsecurity com | | Benjamin Thomas ben () linuxsecurity com | +---------------------------------------------------------------------+ Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines. This week, perhaps the most interesting articles include "Stealthful Sniffing, Intrusion Detection and Logging," "Evaluating Network Intrusion Detection Signatures," "The IP Security Protocol," and "Coordinating a Disaster Plan." :: ENCRYPTION + AUTHENTICATION = TRUST :: You may think people will regard your business as trustworthy because you've got a 128-bit encryption certificate, but encryption does not guarantee trust. Thawte believes in rigorous authentication: Download our FREE Authentication Guide --> http://www.gothawte.com/rd362.html This week, advisories were released for ethereal, python, cacti, postgresql, kdelibs, krb5, php, wordtrans, gaim, glibc, util-linux. The vendors include Contiva, Debian, Gentoo, Mandrake, and Red Hat. http://www.linuxsecurity.com/articles/forums_article-5695.html FEATURE: NFS Security - NFS (Network File System) is a widely used and primitive protocol that allows computers to share files over a network. The main problems with NFS are that it relies on the inherently insecure UDP protocol, transactions are not encrypted and hosts and users cannot be easily authenticated. Below we will show a number of issues that one can follow to heal those security problems. http://www.linuxsecurity.com/feature_stories/feature_story-118.html Concerned about the next threat? EnGarde is the undisputed winner! Hardened Linux Puts Hackers EnGarde! Winner of the Network Computing Editor's Choice Award, EnGarde "walked away with our Editor's Choice award thanks to the depth of its security strategy..." Find out what the other Linux vendors are not telling you. -> http://ads.linuxsecurity.com/cgi-bin/ad_redirect.pl?id=engarde2 +---------------------+ | Host Security News: | <<-----[ Articles This Week ]------------- +---------------------+ * Web Server Security: Securing Dynamic Web Content September 12th, 2002 Once upon a time, the World Wide Web was a relatively static place. The Web server's sole function was to simply deliver a requested Web page, written in HTML, to a client browser. Over time, developers started looking for ways to interact with users by providing dynamic content -- that is, content that displayed a form or executed a script based on user input. http://www.linuxsecurity.com/articles/server_security_article-5689.html * Securing Debian Manual September 10th, 2002 This document describes the process of securing and hardening the default Debian installation. It covers some of the common tasks to setup a secure network environment using Debian GNU/Linux and also gives additional information on the security tools available as well as the work done by the Debian security team. http://www.linuxsecurity.com/articles/documentation_article-5675.html +------------------------+ | Security Sources News: | +------------------------+ * OpenSSL Worm Loose in the Wild September 15th, 2002 There has been credible reports that a worm propagating in the wild is breaking into servers running vulnerable versions of OpenSSL. Last month, several critical security issues, including a client-exploitable remote buffer overflow in the SSLv2 handshake process, were discovered in all OpenSSL versions prior to 0.9.6e. http://www.linuxsecurity.com/articles/security_sources_article-5699.html +------------------------+ | Network Security News: | +------------------------+ * Paranoid Penguin: Stealthful Sniffing, Intrusion Detection and Logging September 13th, 2002 In a column about syslog [see "syslog Configuration" in the December 2001 issue of Linux Journal] I mentioned ``stealth logging''--by running your central log server without an IP address, you can hide your central log server from intruders. But log servers aren't the only type of system that can benefit from a little stealth. http://www.linuxsecurity.com/articles/documentation_article-5698.html * Insecure wireless networks exposed September 12th, 2002 A local consulting firm launched a controversial Web site yesterday that shows gaping security holes in hundreds of wireless networks throughout the downtown core, including many in the financial district and some government and university areas. http://www.linuxsecurity.com/articles/network_security_article-5691.html * Evaluating Network Intrusion Detection Signatures, Part 1 September 11th, 2002 Karen Kent Frederick of SecurityFocus writes, "Over the past several years, a number of academic and commercial entities have conducted evaluations of various network intrusion detection (NID) software, to determine the overall effectiveness of each product and to compare the products to each other. http://www.linuxsecurity.com/articles/intrusion_detection_article-5682.html * Know Your Enemy: Honeynets September 11th, 2002 Lance Spitzner let us know about the latest from the Honeynet Project. "A Honeynet is nothing more then one type of honeypot. Specifically, it is a high interaction honeypot designed primarily for research, to gather information on the enemy. http://www.linuxsecurity.com/articles/intrusion_detection_article-5685.html * Hacking techniques: War dialing September 11th, 2002 This article looks at a popular form of attack on an organization's computer network known as war dialing. The term war dialing involves the exploitation of an organization's telephone, dial, and private branch exchange (PBX) systems to penetrate internal network and computing resources. http://www.linuxsecurity.com/articles/hackscracks_article-5683.html * IDS Installation with Mandrake 8.2 September 10th, 2002 If you have a system or network connected to the Internet, you become a target. Your network is being scanned for vulnerabilities. This may happen only once a month or twice a day, regardless, there are people out there probing your network and systems for weaknesses. http://www.linuxsecurity.com/articles/intrusion_detection_article-5671.html * The IP Security Protocol, Part 1 September 9th, 2002 Explaining IPSec, different levels of security and how to be safe sending and receiving packets over the network. .. VPNs (virtual private networks, i.e., private networks deployed over a public packet infrastructure) are definitely emerging as the solution of choice for the interconnection of distant offices belonging to the same company. http://www.linuxsecurity.com/articles/cryptography_article-5665.html * The IP Security Protocol, Part 2 September 9th, 2002 Encapsulating security payloads, key exchange mechanisms and other components of establishing secure data transfers. In Part 2, we move on to encapsulating security payloads and key exchange mechanisms. IPSec ESP format, specified in RFC 2406, provides confidentiality, authenticity and integrity. http://www.linuxsecurity.com/articles/cryptography_article-5668.html +------------------------+ | General: | +------------------------+ * The Anti-Spam Cookbook September 13th, 2002 Just about everyone but native Hawaiians and direct marketers hate spam. Hawaiians consider Spam--the canned luncheon meat--a staple in cooking, having developed a number of amazing recipes using it as the main ingredient . http://www.linuxsecurity.com/articles/security_sources_article-5697.html * Kerberos: The watchdog of the Ether September 12th, 2002 The first computer networks were used to send e-mails and share files and printers between researchers and corporate employees. In such a scenario security was not given much thought. Now the computer networks (especially the Internet) are used by millions for banking, shopping and filing their tax returns, and network security has become a major problem. http://www.linuxsecurity.com/articles/network_security_article-5694.html * IT managers cite security and competition when choosing a Linux system September 12th, 2002 A Cannes-based private investigator, Alain Stevens, recently switched computer operating systems from Windows to Linux. "It's a security issue," Stevens said. "Viruses which target Windows could send confidential documents from my machines to random people - and that could send me to prison." http://www.linuxsecurity.com/articles/forums_article-5688.html * The Weakest Link in Disaster Recovery September 11th, 2002 Much of the focus of disaster recovery planning is on creating redundant data sites and backup tapes. Very often, a crucial component is overlooked: that of keeping current documentation for all IT configuration settings. Having such documentation and the original software discs can restore a network 40 percent faster than running backup tapes. http://www.linuxsecurity.com/articles/general_article-5681.html * Computer forensics specialists in demand as hacking grows September 9th, 2002 "There simply are not enough people to do this work," says Scott Pancoast, a Seattle-based certified forensic computer examiner with the Washington state Attorney General's Office. http://www.linuxsecurity.com/articles/intrusion_detection_article-5669.html * Coordinating a Disaster Plan September 9th, 2002 In establishing a game plan for organizational disaster recovery initiatives, there should be synergy between IT operations groups and lines of business in categorizing applications for business continuity/disaster recovery and understanding the costs involved. http://www.linuxsecurity.com/articles/security_sources_article-5661.html ------------------------------------------------------------------------ Distributed by: Guardian Digital, Inc. LinuxSecurity.com To unsubscribe email newsletter-request () linuxsecurity com with "unsubscribe" in the subject of the message. ------------------------------------------------------------------------ - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.